RE: Extended Access-list in BGP

From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Sat May 29 2004 - 20:09:44 GMT-3

• Next message: Tom Rogers: "mls QoS"
• Previous message: Dan Shechter Gelles: "Re: Repost: How to make a IGP grading script."
• Maybe in reply to: Ahmed Mustafa: "Extended Access-list in BGP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Here is the syntax:
access-list <ACL #> permit ip <network> <wildcard mask of network>
<subnet mask> <wildcard mask of subnet mask>

Here are some examples:
access-list 100 permit ip 10.0.0.0 0.0.0.0 255.255.0.0 0.0.0.0
Matches 10.0.0.0/16 - Only

access-list 100 permit ip 10.0.0.0 0.0.0.0 255.255.255.0 0.0.0.0
Matches 10.0.0.0/24 - Only

access-list 100 permit ip 10.1.1.0 0.0.0.0 255.255.255.0 0.0.0.0
Matches 10.1.1.0/24 - Only

access-list 100 permit ip 10.0.0.0 0.0.255.0 255.255.255.0 0.0.0.0
Matches 10.0.X.0/24 - Any number in the 3rd octet of the network with a
/24 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.0 255.255.255.0 0.0.0.0
Matches 10.X.X.0/24 - Any number in the 2nd & 3rd octet of the network
with a /24 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.255.255.240 0.0.0.0
Matches 10.X.X.X/28 - Any number in the 2nd, 3rd & 4th octet of the
network with a /28 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.255.255.0 0.0.0.255
Matches 10.X.X.X/24 to 10.X.X.X/32 - Any number in the 2nd, 3rd & 4th
octet of the network with a /24 to /32 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.255.255.128
0.0.0.127
Matches 10.X.X.X/25 to 10.X.X.X/32 - Any number in the 2nd, 3rd & 4th
octet of the network with a /25 to /32 subnet mask

Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Ahmed Mustafa
Sent: Saturday, May 29, 2004 1:14 PM
To: ccielab@groupstudy.com
Subject: Extended Access-list in BGP

Does anyone have any document or any link where I can do some practice
of
extended access-list (Used in BGP). Not the regular extended list which
I
know very well

• Next message: Tom Rogers: "mls QoS"
• Previous message: Dan Shechter Gelles: "Re: Repost: How to make a IGP grading script."
• Maybe in reply to: Ahmed Mustafa: "Extended Access-list in BGP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jun 02 2004 - 11:12:19 GMT-3